Maestro Security Group Management Interfaces

Gingerwerewolf — Tue, 22 Feb 2022 17:13:34 GMT

Im going through a replacement of a Cluster of Gateways split across 2 sites with a pair Maestros and 4x 7000 clusters split across 2 sites

Simply put the original site Gateway has multiple Interfaces, and the important part is that they use the Mgmt interface and route to and from it. Assume its IP is 192.168.101.1/24

The SMS is 192.178.101.100

So the SMS can get to the internet via 192.168.101.1, as the GW is its default gateway.

the 192.168.101.0/24 network only has one router on it, the GW @ .1 and has several other devices that are required on it, including things like LoM and similar.

So, onto my question

Im getting confused with the Maestro Management Interfaces - Ports 1-4 on the MHO 140

I know that they are used for the Security Groups. When I set up a security group to replace the original Gateway, Im going to need it to have access and be managed via 192.168.101.0/24. But Im also going to need it to continue routing to and from that network.

How do I go about setting this up, will that Ports 1-4 route the traffic? are there any gotchas I need to know about?

Im guessing that this is a common replacement but the way that ports 1-4 are labled has got me worried

Oh and Im running R81.10 SP with hotfix Take 30

Thanks in advance

Re: Maestro Security Group Management Interfaces

Danny — Tue, 22 Feb 2022 19:34:32 GMT

Don't use the management ports 1-4 if you want to route traffic through the management ports as they don't support it. Use an uplink port as management port instead. See here.

Re: Maestro Security Group Management Interfaces

Gingerwerewolf — Wed, 23 Feb 2022 11:23:32 GMT

Thank you!

topic Maestro Security Group Management Interfaces in Hyperscale Firewall (Maestro)

Maestro Security Group Management Interfaces

Re: Maestro Security Group Management Interfaces

Re: Maestro Security Group Management Interfaces